Indianapolis-based TRIMEDX has joined CyberVista, Arlington, Va., to launch CE CYBER Academy—a comprehensive cybersecurity training and certification program specifically designed to address the growing threat of cyberattacks on connected medical devices. CE CYBER Academy will give TRIMEDX’s associates—more than 3,100 nationwide—the vital skills that many health systems struggle to source in the face of unprecedented demand for cybersecurity expertise.

“By 2025, it is estimated that 68% of medical devices will connect to provider networks, making it crucial for health systems to have the ability to accurately track connected medical devices, have accurate information on the operating system, and respond to impacted medical devices,” says LeAnne Hester, chief marketing officer for TRIMEDX. “As a result of this trend, there is a need for clinical engineering and information technology teams to work together in a completely different way.”

TRIMEDX and CyberVista have developed a curriculum designed specifically for on-site technical personnel as they respond to ongoing issues. Through its online learning management system, CE CYBER Academy will offer continuing professional development and access to resources. Knowledge assessments will ensure that associates understand the material. Throughout the CE CYBER Academy, TRIMEDX associates will:

  • Enhance their knowledge on the importance of clinical engineering in cybersecurity.
  • Learn the latest around the importance and process of securing sensitive data and information.
  • Increase their understanding and awareness of social engineering attack methods, consequences, and preventions.

Organizations across industries are experiencing a major cybersecurity talent gap. The 2019 Cybersecurity Workforce Study from the International Information System Security Certification Consortium (ISC)2 reported that more than 561,000 cybersecurity jobs remain unfilled in the United States alone, which is part of a global workforce gap of more than 4 million. And in a recent report from SecurityScorecard, the healthcare industry ranked 15th out of the 17 industries reviewed in terms of overall cybersecurity expertise and last (17th) in terms of speed or process in patching vulnerabilities that could expose sensitive information like patient medical records or access to medical equipment.

“Knowing that the weakest link in most cyberdefense is typically the human element, we’re investing in giving our CE CYBER specialists, managers, and technicians the skills necessary to keep our front-line defenses strong against the rapidly increasing number of cyber threats against connected medical devices,” says Jon Benedict, director of solutions management for clinical engineering and information security. “This training will enable them to develop effective security metrics to assess the risk in a provider’s environment and communicate with clients to collaboratively drive compliance.” 

CyberVista aims to create a cyber-ready workforce through personalized training programs that provide organizations with the people, knowledge, and skills required to defend their most critical assets. Areas of training include computers and networking, inventory management, secure deployment and configuration management, protect and defend, and investigate and analysis―from foundational to expert level.

“TRIMEDX has displayed leadership by embracing its cyber-enabled workforce to arm a wide variety of roles, including its technicians, with the most current cybersecurity knowledge, skills, and abilities. By taking innovative action, the TRIMEDX patient-first approach is better equipped to serve the needs of the evolving healthcare industry landscape and securing healthcare providers,” says Jeff Welgan, CyberVista’s head of executive and professional training. “While many organizations around the world are enacting initiatives to increase cybersecurity knowledge across dedicated cybersecurity roles, few organizations have acted on the transformative notion that the responsibility of cybersecurity does not solely fall onto the traditional cybersecurity practitioner themselves but rather to a team of people focused on patient care.”

In addition to this first program implementation, TRIMEDX will be making CyberVista’s comprehensive Security+, certified information security manager (CISM), and certified information systems security professional (CISSP) certification training courses available to its cyber specialists. TRIMEDX executive leadership will also have access to a four-part offering paired with a cyber incident tabletop exercise. These programs are designed to specifically address the unique needs, business behaviors, and potential risks senior executives face.